Job Title: Lead Cyber Security Incident Commander Overview: As a Lead Cyber Security Incident Commander, you will be at the forefront of our organization's defense against cyber threats. This hands-on leadership role requires a seasoned professional with extensive experience in incident response, a strategic mindset, and the ability to guide and mentor incident response teams. Your core role will be to orchestrate the response to complex cybersecurity incidents, ensuring effective mitigation strategies, and contributing to the enhancement of our overall cyber resilience. A key responsibility is to continually assess security monitoring effectiveness and to make recommendations to improve CDKs Cyber Security Incident Response capabilities. This position reports to the Director of Enterprise Security and works closely with key stakeholders in incident response roles company wide. Responsibilities: Strategic Incident Response Leadership: * Provide strategic direction and leadership to the incident response team. * Develop and implement incident response strategies aligned with the organization's overall cybersecurity objectives and effective use of CDK's MDR vendor. * Work hand in hand with CDK's Principle Security Engineering leader to define and tune security controls and logs that drive effective cyber detection and response actions. Incident Triage and Analysis: * Lead incident responses and triage efforts to accurately assess the severity and scope of cybersecurity incidents. Maintain calm, reduce stress and keep key responders focused while managing communications up to senior management. * Partner with the CDK forensics function to determine when conducting in-depth analysis of sophisticated threats and incidents is necessary to ensure that there are no residual risks remain and root causes are understood. guide the team in formulating effective response plans. Collaboration and Cross-Functional Leadership: * Foster collaboration among cross-functional teams, ensuring seamless coordination during incident response. * Interface with executive leadership, legal, compliance, and other stakeholders to provide strategic insights and updates. Incident Response Process Enhancement: * As a key stakeholder, partner with other enterprise incident commanders to establish and maintain an enterprise incident response process that manages all communications to executive leaders in a consistent manner. * Maintain an active responder / off-hours pager duty list adjusting for time off and out-sick variables. This must include contingency backups. * Continuously assess and enhance incident response run books. * Identify opportunities for automation and optimization to streamline response efforts. Executive Communication: * Work with Security Risk manager to develop and manage clear and concise cyber incident impact communications in business terms including impacts, and resolution strategies. * Assist in translating technical details into actionable insights for non-technical stakeholders. Mentorship and Skill Development: * Lead regular scenario-based incident response exercises and be a key stakeholder and contributor to Sr Executive tabletop exercises. * Provide mentorship to incident response team members, fostering their professional growth and development and encourage achievement of certifications that align with the role. * Conduct training sessions and workshops to enhance the overall skill set of the incident response team. Thought Leadership: * Stay abreast of emerging cyber threats and industry best practices. Work with Security Risk manager to inform of potential risks and define mitigation actions. * Contribute to thought leadership by publishing internal articles, identifying and attending training to keep skills current. Qualifications: * Proven ability to make critical decisions under pressure and guide teams through complex incident response scenarios. * Excellent communication skills with the ability to articulate technical details to both technical and non-technical audiences. * Extensive experience in leading and managing cybersecurity incident response teams. * Advanced understanding of cybersecurity technologies, threat landscapes, and risk management. Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field; industry certifications (e.g., CISSP, CISM, GCFA) preferred. Preferred Skills: * Proficiency in digital forensics, malware analysis, and threat hunting. * Experience with threat intelligence platforms and frameworks. * Familiarity with cloud security controls and monitoring best practices. Note: This job description is intended to capture the essence of the Lead Cyber Security Incident Commander role and may be adjusted based on the evolving needs of the organization. The Lead Cyber Security Incident Commander is expected to adapt to emerging threats and technologies in the cybersecurity landscape. Salary range: $144,000 to $165,000 Domestic travel will be required - Approx 30% CDK Global is committed to fair and equitable compensation practices. Compensation packages are based on several factors, including but not limited to skills, experience, certifications, and work location. The total compensation package for this position may also include annual performance bonus, benefits and/or other applicable incentive compensation plans.We offer Medical, dental, and vision benefits in addition to: * Paid Time Off (PTO) * 401K Matching Program * Tuition Reimbursement At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact. CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law. Applicants for employment in the US must be authorized to work in the US. CDK may offer employer visa sponsorship to applicants.